General

  • Target

    8ec044c6b5d05930f7810a1799607e89_JaffaCakes118

  • Size

    873KB

  • Sample

    241104-c8ezja1gqa

  • MD5

    8ec044c6b5d05930f7810a1799607e89

  • SHA1

    df8b7e455e29127b3d45c792755f844c0e82b685

  • SHA256

    8f494568efe369de564e37eebcfa978d92f7ec8256f9aae4d84571f6c1650c68

  • SHA512

    effb3ffe31ad2dd6a163ec4ac14e973a5858770c095d6a0db749dc8a8b1458d74b575c9e58fe7c6ba5a195140522d3144c1c25d84d39855c09303d5a82c0ad8a

  • SSDEEP

    24576:/ikdkv9G2LoFNGv4bMrqKCaw5tPbqee5R0a+jE6l6snc2thS:/3dkvA2M+SkqKneeijfpciS

Malware Config

Targets

    • Target

      8ec044c6b5d05930f7810a1799607e89_JaffaCakes118

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks